AI-Powered Cybercrime Threats are up 3X across the PH according to Fortinet Survey | #cybercrime | #infosec

As we all know, cybercrime and cybersecurity are very serious matters. However, the developments in AI have also made issues with these become more difficult. Fortinet, a global cybersecurity company, has given us more clarity on the current situation via a study they conducted which revealed that these threats have not only evolved in complexity but also been much more difficult to catch as it has shifted in gaps of governance and even in visibility.

This survey is comprised of 550 IT and security leaders across 11 Asia-Pacific markets—including Australia, India, Indonesia, Malaysia, Singapore, South Korea, Thailand, the Philippines, Vietnam, Hong Kong, and New Zealand—between February and April 2025. Respondents represented organizations with over 250 employees and were directly involved in cybersecurity decision-making. The findings are published in the IDC Info Snapshot, sponsored by Fortinet, State of Cybersecurity in Asia-Pacific: From Constant Risk to Platform-Driven Resilience, May 2025, IDC Doc #AP249601X.

Here is a summary of the findings.

1. AI Joins the Attacker’s Arsenal — And Most Firms Have Felt It
   1. Nearly 78% of organizations in the Philippines said that they have encountered AI-powered cyber threats in the past year.
   2. These types of threats are scaling fast, with a 2X increase reported by 64% and a 3X increase by 28% of organizations.
   3. These threats are harder to detect and often exploits weaknesses in human behaviour, misconfigurations, and identity systems. In the Philippines, the top AI-driven threats reported include deepfake impersonation in business email compromise (BEC), AI-Enabled Social Engineering Attacks, adversarial AI and data poisoning, automated reconnaissance of attack surfaces, and polymorphic malware.
   4. Despite the rise in AI-driven attacks, only 9% of organizations say they are very confident in their ability to defend against them. Meanwhile, 27% acknowledge that AI threats are outpacing their detection capabilities, and 19% of organizations in The Philippines have no ability to track AI-powered threats at all—exposing a significant preparedness gap.
2. Cyber Risk Is Now a Constant, not a Crisis
   1. The most reported threats include ransomware (66%), software supply chain attacks (62%), cloud vulnerabilities (58%), and insider threats (56%) and phishing (50%).
   2. The most disruptive threats are no longer the most obvious. Topping the list are unpatched and zero-day exploits, followed closely by insider threats, cloud misconfigurations, software supply chain attacks, and human error. These threats are particularly damaging because they often go undetected by traditional defenses, exploiting internal weaknesses and visibility gaps. As a result, these quieter, more complex risks are now viewed as more dangerous than well-known threats like ransomware or phishing.
   3. Traditional threats such as phishing and malware are still growing at a rate of ~10%, but this is comparatively modest —likely due to mature defenses like endpoint protection and awareness training. In contrast, the fastest-rising threats include supply chain attacks (16%), IoT/OT attacks (14%), both cloud vulnerabilities and insider threats (12% each), and unpatched/zero day (10%). These threats are scaling rapidly because they exploit gaps in governance, visibility, and system complexity—making them harder to detect and potentially more damaging when successful.
   4. The consequences are no longer limited to downtime. The top business impacts of cyberattacks include loss of customer trust (62%), regulatory penalties (56%); data theft and privacy violations (54%), and operational disruption (42%). Financial damage is also real: 46% of respondents experienced breaches that resulted in monetary loss, with one in four costing over US$500,000.
3. Teams Under Pressure: Too Few People, Too Many Problems
   1. On average, just 7% of an organization’s workforce is dedicated to internal IT, and only 13% of that subset is focused on cybersecurity. That equates to less than one full-time cybersecurity professional for every 100 employees.
   2. Only 15% of organizations have a standalone Chief Information Security Officer (CISO), and most (63%) continue to combine cybersecurity responsibilities with broader IT roles. Just 6% of organizations have specialized teams for functions like threat hunting and security operations.
   3. These lean teams are also facing mounting pressure from the surge in threats. The top challenges reported include overwhelming threat volume (54%), difficulty in retaining skilled cybersecurity talent (52%), and tool complexity (44%)—leading to burnout and fragmentation within cyber teams.
4. Investment Is Rising, but Still Lagging Behind Risk
   1. Despite increased awareness, cybersecurity investment remains disproportionately low. On average, just 15% of IT budgets are allocated to cybersecurity, representing just over 1.4% of total revenue—a small fraction given the scale and severity of threats.
   2. However, budgets are ticking up, with nearly 80% of organizations in The Philippines reporting an increase. However, most of these increases remain under 10%, suggesting that investment is still cautious.
   3. Organizations are increasingly shifting from infrastructure-heavy spending to more strategic investments. The top five priorities include identity security, network security, SASE/Zero Trust, cyber resilience, and cloud-native application protection—indicating a shift toward access-centric, risk-based security planning.
   4. However, critical areas such as OT/IoT security, DevSecOps, and security training continue to receive limited funding—indicating a persistent lag in addressing operational and human-layer vulnerabilities.
5. Platform-Driven Resilience Amid Rising Complexity
   1. Convergence between security and networking is now mainstream, with 96% of respondents in The Philippines either already converging or actively evaluating options. This move reflects the urgency to simplify architectures, integrate defenses, and streamline operations.
   2. Around 70% of organizations are already on a consolidation journey—but challenges remain. Despite this progress, nearly half of all respondents still cite tool management as a major challenge, indicating that the problem is no longer the number of tools, but the fragmentation and lack of integration across them.
   3. Vendor consolidation is increasingly viewed as a strategic lever—not just for cost reduction, but to improve detection speed, issue resolution, and visibility. The top benefits organizations seek from consolidation include faster support (59%), cost savings (53.0%), better integration (53%), and improved security posture (51%).

As AI continues to grow and develop and as we find more and more ways to integrate it in our daily lives, we need to be able to be more aware and more vigilant about threats like these and find more ways to keep ourselves protected and safe.